vps update

file sharing and forgejo
2026-03-13 00:19:07 -06:00 · 2026-03-13 00:19:07 -06:00 · ace2b38ec9
commit ace2b38ec9
parent 6f530b1d5d
11 changed files with 329 additions and 124 deletions
--- a/hosts/server/copyparty.nix
+++ b/hosts/server/copyparty.nix
@ -0,0 +1,64 @@
+{config, ...}: {
+  sops = {
+    defaultSopsFile = ../../secrets/secrets.yaml;
+    defaultSopsFormat = "yaml";
+    age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
+    secrets.copyparty = {
+      owner = "copyparty";
+    };
+  };
+  services.copyparty = {
+    enable = true;
+    settings = {
+      i = "127.0.0.1";
+      p = [3923];
+      e2dsa = true;
+      e2ts = true;
+      xff-src = "127.0.0.1";
+      og-ua = "(Discord|Twitter|Slack)bot";
+    };
+    accounts = {
+      admin.passwordFile = config.sops.secrets.copyparty.path;
+    };
+    volumes = {
+      "/" = {
+        path = "/srv/copyparty";
+        access = {
+          A = "admin";
+          g = "*";
+        };
+        flags = {
+          e2d = true;
+          dedup = true;
+        };
+      };
+    };
+  };
+  systemd.tmpfiles.rules = [
+    "d /srv/copyparty 0750 copyparty copyparty -"
+  ];
+  services.nginx = {
+    enable = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+    virtualHosts."share.monaie.ca" = {
+      forceSSL = true;
+      enableACME = true;
+      locations."/" = {
+        proxyPass = "http://127.0.0.1:3923";
+        proxyWebsockets = true;
+        extraConfig = ''
+          client_max_body_size 0;
+          proxy_buffering off;
+          proxy_request_buffering off;
+          proxy_buffers 32 8k;
+          proxy_buffer_size 16k;
+          proxy_busy_buffers_size 24k;
+          proxy_set_header Connection "Keep-Alive";
+          proxy_read_timeout 36000s;
+          proxy_send_timeout 36000s;
+        '';
+      };
+    };
+  };
+}